The scene is familiar: the classic user name and password combination, used when logging into your desktop workstation, your email client, social networking sites or even your business's data servers.
However, researchers from Cambridge University have recently suggested there is an alarming lack of balance in password security standards across the Internet, which presents a problem for ensuring web security across many networks.
One practice was particularly concerning, said researchers Joseph Bonneau and Sören Preibusch. A major problem they found amid these inconsistent security measures was users keeping the same password across many different websites and other services, which they said could undermine authentication on sites with advanced security mechanisms.
"Many poor [password] practices were commonplace, such as a lack of encryption to protect transmitted passwords, storage of cleartext passwords in server databases, and little protection of passwords from brute force attacks," said the published report of the findings.
The report and research found that websites handling a large number of financial transactions, such as those of major banks or private sellers of goods and services accepting payments online, had superior security measures compared to other websites. Content websites were found by the researchers to have the weakest password security.
Unfortunately, most people feel it is unnecessary to use multiple passwords, the researchers said. This means that a security breach on a less-secure website, such as a content website, could reveal the password the same user relies on at a more secure platform.
Written by Jason Morton